Search Results

Search found 6870 results on 275 pages for 'admin privileges'.

Page 126/275 | < Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133 | Next Page >

Problem with testsaslauthd and kerberos5 ("saslauthd internal error")

- by danorton

The error message “saslauthd internal error” seems like a catch-all for saslauthd, so I’m not sure if it’s a red herring, but here’s the brief description of my problem: This Kerberos command works fine: $ echo getprivs | kadmin -p username -w password Authenticating as principal username with password. kadmin: getprivs current privileges: GET ADD MODIFY DELETE But this SASL test command fails: $ testsaslauthd -u username -p password 0: NO "authentication failed" saslauthd works fine with "-a sasldb", but the above is with "-a kerberos5" This is the most detail I seem to be able to get from saslauthd: saslauthd[]: auth_krb5: krb5_get_init_creds_password: -1765328353 saslauthd[]: do_auth : auth failure: [user=username] [service=imap] [realm=] [mech=kerberos5] [reason=saslauthd internal error] Kerberos seems happy: krb5kdc[](info): AS_REQ (4 etypes {18 17 16 23}) 127.0.0.1: ISSUE: authtime 1298779891, etypes {rep=18 tkt=18 ses=18}, username at REALM for krbtgt/DOMAIN at REALM I’m running Ubuntu 10.04 (lucid) with the latest updates, namely: Kerberos 5 release 1.8.1 saslauthd 2.1.23 Thanks for any clues.

Read the article
LDAP for privilege control?

- by neoice

I've been wondering for a while if LDAP can be used to control user privileges. For example, if I have UNIX and web logins, is there an easy way to grant a user access to just or just UNIX (or even both?) My current attempt at solving this very problem was to create 'login' and 'nologin' groups, but this doesn't seem fine-grained enough to meet the ideas I have in my head. I'm also still in the situation where all UNIX users are web users, which isn't a problem so much as an indicator of the limitations. Does anyone have any input on this? Has this problem already been solved?

Read the article
Juniper SRX1400 VPN

- by ank

I have been trying to set up a client VPN on a Juniper SRX1400 without much success. All documentation I found from Juniper and elsewhere does a lot of other (difficult and wonderful) things other than the simple things I want to do. We already have a VPN running on CISCO PIX hardware which we need to put to rest and we pretty much like to replicate the functionality, which is: 1) client makes a request to the outside interface of the SRX1400, 2) client gets authenticated, 3) if successful, then client is assigned all the usual DHCP stuff and becomes part of the network. What privileges this DHCP assigned network has, should be configurable of course with the usual routing/filtering methods. Am I asking for too much from the SRX for this kind of thing? Should I ditch the SRX for VPN and revert to an OpenVPN solution that I had working some time back also and was amazed at the ease of configuration, functionality and features?

Read the article
SSH and Active Directory authentication

- by disserman

Is it possible to set up Linux (and Solaris) SSH server to authenticate users in this way: i.e. user john is a member of the group Project1_Developers in the Active Directory. we have something on the server A (running Linux, the server has an access to the AD via i.e. LDAP) in the SSH server LDAP (or other module) authentication config like root=Project1_Developers,Company_NIX_Admins. when john connects to the server A using his username "john" and domain password, the server checks the john's group in the domain and if the group is "Project1_Developers" or "Company_NIX_Admins", makes him locally as a root with a root privileges. The idea is also to have only a "root" and a system users on the server, without adding user "john" to all servers where John can log in. Any help or the idea how to make the above or something similar to the above? Preferred using AD but any other similar solution is also possible. p.s. please don't open a discussions is it secure to login via ssh as root or not, thanks :)

Read the article
Online meetings: any recommendations?

- by T Pops

There's a few times at work when I have to host a meeting and physical presence is impossible. For these situations I've been using Acrobat ConnectNow. Specifically because it's free. Are there any other recommendations out there? Free or not. What are the pros and cons? I'll start a compiled list of apps from the answers here right now. Anyone with Wiki editing privileges is welcome to edit this: Paid GoTo Meeting Webex TeamViewer (free for non-commercial) Groove (bundled with MS Office) Free Yugma Yuuguu SharedView TinyChat Other Options CoPilot

Read the article
Nginx Restart Issues

- by heavymark

All of the sudden when restarting Nginx I get the following error: Restarting nginx: [alert]: could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied) 2011/02/16 17:20:58 [warn] 23925#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1 the configuration file /etc/nginx/nginx.conf syntax is ok 2011/02/16 17:20:58 [emerg] 23925#0: open() "/var/run/nginx.pid" failed (13: Permission denied) configuration file /etc/nginx/nginx.conf test failed On the front end part of the site loads but some files such as the CSS in particular are not loading. They exist on the server but when loading the resources directly in Chrome they say "Oops this page can't be found." I set a special group and user to run my apache files using suexec for my domain files. I think the nginx are owned by root however which I'm assuming is the problem but which nginx file ownerships would I change?

Read the article
May the file size returned by stat be compromised?

- by codeholic

I want to make sure that nobody changed a file. In order to accomplish that, I want not only to check MD5 sum of the file, but also check its size, since as far as I understand this additional simple check can sophisticate falsification by several digits. May I trust the size that stat returns? I don't mean if changes were made to stat itself. I don't go that deep. But, for instance, may one compromise the file size that stat returns by hacking the directory file? Or by similar means, that do not require superuser privileges? It's Linux.

Read the article
How do I disable administrator prompt in Windows 8?

- by Arnold Zokas

I am using Windows 8 Enterprise on my development machine. Most of the time, I need full administrator for debugging, changing system files, etc. In Windows 7, setting UAC to "never notify" would disable any administrator prompts. In Windows 8 this is no longer the case. Even with UAC disabled I get prompted to grant programs elevated privileges. Is there a way disable this behaviour? Note: I am fully aware of the repercussions. I have antivirus, firewall, etc and am generally quite careful about what I download or install on my machine.

Read the article
Configuring vsftpd with nginx on ubuntu

- by arby

I have vsftpd installed on Ubuntu 12.04LTS along with nginx, php, and sql on an Amazon ec2 instance. The web server is good to go, but I'm having trouble connecting to the FTP server. I'm not quite sure how to set the privileges or what configuration options I might be missing. By default, the location of the web root is at /usr/share/nginx/www and it is owned by root:root. The web server runs as user www-data in the group www-data. I've opened port 21 and set the passive ports in the ec2 backend and ufw firewall. In vsftpd.conf, I have: ... anonymous_enable=NO local_enable=YES local_umask=0027 chroot_local_user=YES pasv_enable=YES pas_max_port=12100 pasv_min_port=12000 port_enable=YES ... Now, I'm unsure how to create the FTP user that when I login, displays my web directory with write access. I've tried it a few different ways, but I keep running into errors (either no connection, no write access, or very slow timeouts.)

Read the article
access VPN machine macosx same subnet

- by matheszabi

I would like to access the office machine, which has a fixed IP, and is available only in its local LAN. Let say 192.168.1.100. I have a VPN with username/password connection and I am trying to access the office machine from another location, i.e., another LAN, which has the same subnet: 192.168.1.50. I am using MacOSX 10.8. I have checked the "send all trafic over VPN connection, but I think it looks like it doesn't care and is searching in Local. I do not have admin privileges and can't request to make changes to the network settings in both LANs. Is there any way to connect to the desired remote machine?

Read the article
Internet Explorer 9 auto "feeling lucky" for gmail bing search

- by Gareth Jones

When Im at school and using school computers, i have to use has IE9. When I want to access my gmail, I type in "gmail" in the URL bar, and thus IE9 does a bing search. The page half loads (As in, loads just about every thing but the search results) and then opens my gmail, kinda like google's "i'm feeling lucky". My question is this: Why? IE9 doesn't have the URL of gmail, as i can watch the bing search load, and then the url changes to gmail, and it only happens for Gmail, having tired with searching Google and Facebook in the same method. The computer is running Windows 7 with Windows Aero disabled, and limited account privileges. While its a cool thing, I would like to known what causes it to happen. Thanks

Read the article
On WHM/cPanel how can you tell which packages are in use?

- by Paul Masri

I want to find out a) which packages are currently in use, and b) which accounts are using them, so I can do some housekeeping. If I go to 'Show Reseller Accounts', it'll list all the accounts by reseller and I can see which accounts use which, so I could go the longhand route of counting through them one by one, but I wondered if there's a way of getting a simple listing. NB: I've seen that if I go to 'Edit Reseller privileges & nameservers' for one of my resellers, I'll see a 'Package limits' table which has a 'Current' column that shows exactly what I'm looking for... but it's for that reseller only, and I don't get this table for resellers that have no package limits (e.g. me).

Read the article
Web based interface for open SSL client certificates

- by Felix

Hi there! We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient. Atm, I am using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?

Read the article
set internet explorer as default browser from command line

- by eric cartman

Is it possible to set internet explorer as default browser from command line? I have a web application that runs only under ie but if it happens that firefox is the default one, it doesn't work. Users are in a domain environment and even though I try to launch our application from a batch in this way start "C:\Program Files\Internet Explorer\iexplore.exe" http://server_ip/home_page my app doesn't start unless I change the browser manually. Moreover I'd like to know if it's possible to set some policy on a domain to prevent that users with limited privileges could change the default browser. Thanks in advance.

Read the article
How do I get around "Access is Denied" [Number: 5 (0x80070005)], with IIS6/FastCGI and PHP 5.2.3?

- by Evan Carroll

I'm getting this error with IIS 6.0 (i assume), and PHP 5.2.3, and FastCGI FastCGI Error The FastCGI Handler was unable to process the request. Error Details: Error Number: 5 (0x80070005). Error Description: Access is denied. HTTP Error 500 - Server Error. Internet Information Services (IIS) Any ideas, nothing revealings in logs (other than 500 errors), this is pretty much all of I have to work with. The script has read and execute privileged for the internet guest account; and, I've added read/execute privileges to the whole D:\PHP. I followed this tutorial http://learn.iis.net/page.aspx/247/using-fastcgi-to-host-php-applications-on-iis-60/ to set it up. The only major diversion is I installed PHP to D:\PHP

Read the article
How to set my Ubuntu account to super user at all times?

- by iaddesign

I have the latest Ubuntu installed and I'll be the only one using it off the network. My question is: how can I make myself super user at all times? Because when I try to delete a file it says I don't have privileges to do so. I know you are going to say it's a security risk but I'm off the network and want to learn all that I can. I don't want to delete the files through the terminal but want to do it through the user interface/explorer. I've installed LAMP and can't copy my site to the www directory. I've tried to remove the preinstalled index file and it won't let me.

Read the article
VisualSVN Server won't work with AD, will with local accounts

- by frustrato

Decided recently to switch VisualSVN from local users to AD users, so we could easily add other employees. I added myself, gave Read/Write privileges across the whole repo, and then tried to log in. Whether I'm using tortoisesvn or the web client, I get a 403 Forbidden error: You don't have permission to access /svn/main/ on this server. I Googled a bit, but only found mention of phantom groups in the authz file. I don't have any of those. Any ideas? It works just fine with local accounts. EDIT: Don't know why I didn't try this earlier, but adding the domain before the username makes it work, ie MAIN/Bob. This normally only works when there are conflicting usernames...one local, one in AD, but for whatever reason it works here too. Kinda silly, but I can live with it.

Read the article
Advanced merge directory tree with cp in Linux

- by mtt

I need to: Copy all of a tree's folders (with all files, including hidden) under /sourcefolder/* preserving user privileges to /destfolder/ If there is a conflict with a file (a file with the same name exists in destfolder), then rename file in destfolder with a standard rule, like add "old" prefix to filename (readme.txt will become oldreadme.txt) copy the conflicted file from source to destination Conflicts between folders should be transparent - if same directory exists in both sourcefolder and destfolder, then preserve it and recursively copy its content according to the above rules. I need also a .txt report that describes all files/folders added to destfolder and files that were renamed. How can I accomplish this?

Read the article
How to access remotly to a mysql server?

- by ÉricP

Hi, I'm trying to access my remote mysql server from my own computer. I uncommented: bind-address = 80.10.65.45 I added 80.10.65.45 as a server in privilege root 80.10.65.45 yes ALL PRIVILEGES yes I'm using Sequel Pro on MacosX to connect via SSH here is the debug log: debug1: Authentication succeeded (password). debug1: Local connections to LOCALHOST:58517 forwarded to remote address 127.0.0.1:3306 debug1: Local forwarding listening on ::1 port 58517. debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 58517. debug1: channel 1: new [port listener] debug1: Entering interactive session. debug1: Connection to port 58517 forwarding to 127.0.0.1 port 3306 requested. debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused debug1: channel 2: free: direct-tcpip: listening port 58517 for 127.0.0.1 port 3306, connect from 127.0.0.1 port 58519, nchannels 3

Read the article
mongod fork vs nohup

- by Daniel Kitachewsky

I'm currently writing process management software. One package we use is mongo. Is there any difference between launching mongo with mongod --fork --logpath=/my/path/mongo.log and nohup mongod >> /my/path/mongo.log 2>&1 < /dev/null & ? My first thought was that --fork could spawn more processes and/or threads, and I was suggested that --fork could be useful for changing the effective user (downgrading privileges). But we run all under the same user (process manager and mongod), so is there any other difference? Thank you

Read the article
Block site on a PC logged into a domain and using a proxy

- by Rauf

I read lot of posts related with blocking sites. Most of the posts says to edit hosts file. I know it is a good method. But this one is not working for me. Can you guess what is the issue by analyzing the following details, My PC is joined to a domain and using proxy settings, and the logged in user having administrator privileges. After reading some answers, I did the following Changed the hosts file to have # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost 127.0.0.1 www.facebook.com Added no proxy for facebook, Still, it is not working. Why ?

Read the article
Windows 7 Public Documents Folder - how to move it to drive d:

- by Bazza Formez

Hi, I've just bought a new pc, and it is running Windows 7. I'm wanting to set up all of the documents folders such that they point to folders on a second drive partition (ie. disk D:) so that I have a nice separation of os from docs. I have managed to do this for each user on the machine (by opening up properties for documents folder and changing location). Hwoever, this procedure doesn't seem to work for the public documents folder. I cannot change the location for that one (even though I have administrator privileges). It is greyed out and cannot be changed. Any ideas ? Thanks!!

Read the article
Restart my graphics card without rebooting?

- by defaye

Wondered if it is possible to use DevCon to restart a display device as a stop-gap solution to artifacts left over from a graphics card malfunction? In particular it leaves my cursor very un-user-friendly: I found out the hardware ID of my display adapter through device manager (below) [(windows key + pause break) - device manager - display adapters - right click your display adapter - properties - details - hardware ids.] I tried the commands (opened with admin privileges) devcon restart "PCI\VEN_1002" and devcon restart =display but it always come back with No devices restarted.. Is it even possible to restart the graphics card without a system reboot?

Read the article
Windows7 home 64bit + Outlook 2010, multiple non-concurrent users

- by Jim Taylor

We have one windows computer shared by eight people. I have set up separate login accounts for each user. One account has administrative privileges, the others are standard users. We installed Outlook 2010 with the intention that each user could access their own email separately, without seeing the mail of other users. This has not worked as we intended. When the administrator logs in to each standard user account and starts the outlook mail setup, he is prompted for the administrative password, and then sets up the mail account. When accessing the outlook mail program after setup, each mail account shows as a separate tab in a communal inbox, rather than a separate mail box for each user. How would we accomplish the desired separation of Outlook mail accounts? Thanks for your advice Jim T.

Read the article
outlook freezes on splash screen - loading profile

- by sammarcow

I have a user with a frustrating application crash issue without Outlook: Windows 7 x64 Outlook 2010 crashes on the splash screen with the message "loading profile." I have deleted the users .ost file in "..\AppData\Local\Microsoft\Outlook\" and this crash occurs for multiple users including those with administrator privileges. I have also tried running outlook at the command prompt as an admin with the /safe command-line switch. I tried the repair utility in "programs and features by clicking Change after selecting Microsoft Office:" ~~ Microsoft office failed to successfully repair your product . I tried to uninstall Microsoft Office ~~ Microsoft Office failed to successfully uninstall this product. I am trying to avoid reimaging the machine for obvious reasons. Is there anything else I can try or insight any one has on this issue?

Read the article

< Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133 | Next Page >